CN103680111B - Method and system capable of verifying intelligent sensing terminal data aggregation - Google Patents
Method and system capable of verifying intelligent sensing terminal data aggregation Download PDFInfo
- Publication number
- CN103680111B CN103680111B CN201410010601.0A CN201410010601A CN103680111B CN 103680111 B CN103680111 B CN 103680111B CN 201410010601 A CN201410010601 A CN 201410010601A CN 103680111 B CN103680111 B CN 103680111B
- Authority
- CN
- China
- Prior art keywords
- data
- terminal
- random number
- intellisense
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 230000002776 aggregation Effects 0.000 title claims abstract description 297
- 238000004220 aggregation Methods 0.000 title claims abstract description 297
- 238000000034 method Methods 0.000 title claims abstract description 97
- 230000008569 process Effects 0.000 claims abstract description 44
- 238000012795 verification Methods 0.000 claims abstract description 17
- 230000008447 perception Effects 0.000 claims description 21
- 238000009825 accumulation Methods 0.000 claims description 19
- 230000002452 interceptive effect Effects 0.000 claims description 16
- 238000010200 validation analysis Methods 0.000 claims description 16
- 230000006870 function Effects 0.000 claims description 11
- 238000003860 storage Methods 0.000 claims description 7
- 239000000203 mixture Substances 0.000 claims description 5
- 235000004789 Rosa xanthina Nutrition 0.000 claims description 3
- 241000109329 Rosa xanthina Species 0.000 claims description 3
- 230000008859 change Effects 0.000 claims description 2
- 238000013480 data collection Methods 0.000 claims description 2
- 238000007689 inspection Methods 0.000 description 14
- 238000004422 calculation algorithm Methods 0.000 description 9
- 230000004044 response Effects 0.000 description 6
- 230000005540 biological transmission Effects 0.000 description 5
- 238000004891 communication Methods 0.000 description 5
- 238000012360 testing method Methods 0.000 description 4
- 230000004913 activation Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 3
- 238000005259 measurement Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 241001269238 Data Species 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 238000000151 deposition Methods 0.000 description 2
- 238000009826 distribution Methods 0.000 description 2
- 230000008676 import Effects 0.000 description 2
- 238000005498 polishing Methods 0.000 description 2
- 241000196324 Embryophyta Species 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000004744 fabric Substances 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
- 230000002787 reinforcement Effects 0.000 description 1
- 238000007619 statistical method Methods 0.000 description 1
- 239000000126 substance Substances 0.000 description 1
Abstract
The invention discloses a method and a system capable of verifying intelligent sensing terminal data aggregation. The method comprises the following steps of firstly, generating and publishing global parameters by a network data aggregation server, collecting and generating registration information and encrypted spare data item sets of all the intelligent sensing terminals, and distributing the registration information and the encrypted spare data item sets to different data aggregation nodes; secondly, verifying the intelligent sensing terminals through the data aggregation nodes and alternately finishing a data aggregation process; finally, finishing verification on the correctness and the integrity of data statistic and a network data collecting process by using all the data published in the whole network data collecting process. The method is mainly characterized in that the data submitted by the intelligent sensing terminals in the data collecting process has the characteristics of privacy safety, statistic simplicity and verifiability.
Description
Technical field
Briefly, the present invention relates to computer information safety technique field, and have more particularly to one kind and can verify that
The Intellisense terminal data method for congregating of the features such as property and its system.
Background technology
At present, data gathering system is generally by the aggregation server positioned at center, and the multiple gatherings being distributed to various places
Node and multiple terminal are constituted.After terminal collection institute data at the scene, process through simple, by data by wired, or
The wireless modes such as wifi, bluetooth, zigbee submit to closest aggregation node, and aggregation node generates the datagram of encryption
Accuse, then these reports are sent to aggregation server by computer network.After accumulation process terminates, aggregation server is to collecting
The report of all field datas carry out counting, analyze, and announce statistics.Terminal can be wire communication terminal, such as common
Pc machine, more possibly mobile terminal, such as smart mobile phone, pda, panel computer, notebook computer etc..By configuring difference
Sensing module, terminal can gather polytype field data, including COMMUNICATION NETWORK PERFORMANCES parameter, environment at the scene
Temperature, air quality, traffic, free market commodity price etc..Therefore terminal data lens system can be applied to many
Macroscopical situation provides strong help to policymaker's assurance to plant the statistic analysis result assembling data under scene.
With traditional lens system phase based on wireless sensor network (wsn:wireless sensor network)
The sensing node of terminal data lens system has intelligent and mobility to ratio, and data can be pre-processed, and permissible
Gather more data in moving process, without worrying power issue, it can in addition contain be distributed to using existing
The mobile terminal of various places, need not additionally dispose sensing node.But also can using terminal in large-scale distributed data acquisition
Bring new security threat.It is privacy concern first.Participate in the terminal of data acquisition, such as mobile phone etc., often make along with it
User's movement, therefore these terminals, while submitting gathered data to, also expose the identity of its user, position, activity rule
The privacy informations such as rule.Next to that data integrity issues, because terminal is not controlled by central server, some malicious node meetings
Legal terminal is pretended to be repeatedly to send data, to affect the integrality of statistics.Data is in central server transmit process
It is likely to be changed by the via node of malice.In addition, the server carrying out data statistics is likely to distort statistics so that counting
According to end user be uncertain about the authenticity of statistics.
For this reason, exist in prior art and while hiding individuality terminal submits data to, remaining able to obtain and assemble to i.e.
The statistics of data, and the integrality of this result does not rely on lens system and the side of the honesty of data aggregation server
Method.
Content of the invention
Intellisense terminal data lens system described in the invention can protect the privacy of perception terminal, that is, hidden
While hiding individual terminal submission data, remain able to obtain the statistics assembling data, and the integrality of this result is not
Depend on the honesty of data aggregation server, any third party can verify the true of statistics according to public data
Property.Each data intelligence perception terminal can also verify whether the data of oneself is counted into final statistics, and this feature increases
Add the transparency of accumulation process, enhanced domestic consumer and participate in the confidence that data is assembled.
The problem to be solved in the present invention is to provide a kind of new intelligent terminal network data method for congregating and its related system,
This Intellisense terminal data method for congregating and its system is made the network data such as to have personal secrets, can verify that and assemble in application
Required important advantage.
In the data aggregation process of above-mentioned Intellisense terminal data lens system involved important component part and
Main flow describes in detail as follows:
Preferably, the composition of data gathering system is: Intellisense terminal data lens system is by the data positioned at center
Aggregation server, multiple data aggregation nodes, and it is distributed to the Intellisense terminal composition of various places.The collection of Intellisense terminal is existing
After field data, process through simple, data is passed through wired, or the wireless mode such as wifi, bluetooth, zigbee is submitted to recently
Data aggregation node, data aggregation node generates encryption data report, then these data reports passed by computer network
Give data aggregation server.After accumulation process terminates, data aggregation server carries out to all field datas collected counting,
Analysis, and announce statistics.The client of data gathering system query and statistical analysis result and former from data aggregation server
Beginning data.
The function of each chief component in this system is described below.
Preferably, data aggregation server includes:
Bulletin unit: bulletin unit is used for each participant broadcast to system, leaves data on bulletin unit in
Can be inquired about at any time by anyone.Data aggregation server can only add new in bulletin unit messaging list afterbody
Message, and each message has attached the digital signature of data aggregation server, is supported with preventing attacker from distorting server
Rely.
Registering unit: each participate in data assemble intelligent terminal before accumulation process starts first with line and
The mode that line combines is registered to data aggregation server.Each terminal tiGenerate a pair of public private key pair (vi, xi), and by public key
yiIt is sent to data aggregation server, private key x as the assumed name of oneselfiPreserved by terminal oneself is secret.tiWill be using xiTo oneself
The data report submitted to is digitally signed, to ensure the reliability of data source.After the legitimacy of this terminal of server authentication,
By its public key yiIt is saved in legal Intellisense terminal assumed name list t_list.
Initialization unit: be responsible for generating common parameter, secret random number, the alternate data item set of encryption.That encrypts is standby
After selecting collection of data items to generate, secret random number can abandon.After initialization procedure terminates, common parameter is appended to bulletin
The afterbody of unit messaging list.
Data accumulation unit: the alternate data item set of encryption is removed multiple subsets and is separately input to each data by (1)
The background data base of aggregation node.(2) the authentication information list t_list of all legal Intellisense terminals is input to each
The background data base of data aggregation node.(3) collect data from each data aggregation node.
Data statistics release unit: carried out according to the encryption data report that data intelligence perception terminals all in network are submitted to
Data statistics, provides statistical conclusions according to data statistics result.Meanwhile, using BBS system, all data intelligences are perceived
The data report that terminal is submitted to is announced, in order to customer inquiries and checking statistics.
Preferably, data aggregation node includes:
Data aggregation node function to be completed includes: (1) alternate data item set that storage is encrypted safely.(2) to intelligence
The legitimacy of energy perception terminal is verified.Take precautions against some malicious peer pretend to be legal terminal repeatedly participate in data aggregation process with
Destroy the integrality assembling result.(3) receive the data of Intellisense terminal, be transcribed into corresponding encryption data report.
(4) prove that the encryption data generating report truly encapsulates the data of terminal submission using interactive mode to terminal.
Preferably, Intellisense terminal includes:
Intellisense terminal obtains what field data generating was approved by data aggregation node accordingly by sensing module
Data options.During etc. moving in the transmission range of certain data aggregation node, data options are sent to this node, simultaneously with
Interactive mode verifies the validity of the encryption data report that node generates.Last Intellisense terminal utilizes the private key x of oneselfiFor
The final encryption data report generation digital signature determining.
According to a further aspect in the invention, provide a kind of method that network data is assembled, methods described includes procedure below:
Basic data aggregation process is by initial phase, endpoint registration stage, data assembles the stage and the statistics stage forms.(1) exist
Initial phase, data aggregation server is responsible for generating common parameter, secret random number, the alternate data item set of encryption.Plus
After close alternate data item collection symphysis becomes, secret random number can abandon.After initialization procedure terminates, common parameter is added
To the afterbody of bulletin unit messaging list, download for other participants.The alternate data item set of encryption is removed multiple subsets and is divided
It is not input to the background data base of each data aggregation node.Need to generate the use of oneself in each data aggregation node of this stage
Public private key pair (y in certificationi, xi).The public key y of all valid data aggregation nodesiForm list n_list, and by n_list
It is appended to the bulletin unit of data aggregation server.(2) in registration phase, the intelligent terminal that each participates in data gathering is being assembled
Stage registers to data aggregation server before starting first.Each terminal tiGenerate a pair of public private key pair (yi, xi), public key yi
It is saved in terminal authentication information list t_list as Intellisense terminal assumed name.Private key xiSecret guarantor is responsible for by terminal oneself
Deposit.(3) assemble the stage in data, Intellisense terminal first with interact formula apart from oneself nearest data aggregation node and recognize
Then the data is activation of collection in worksite is given this data aggregation node by card.After this node receives the data of terminal, translated
Become corresponding encryption data report.Terminal can interactively verify the validity of the encryption data report that this node generates.
The data report form that data aggregation node ultimately produces is 4 tuples (Intellisense terminal assumed name, encrypted data item, an intelligence
The signature of energy perception terminal, the signature of data aggregation node).Effectively data report is sent to number eventually through computer network
According to aggregation server, they are published to by bulletin unit by server.(4) in the data statistics stage, data aggregation server profit
With all data report counting statistics results collected.Other participants can also under conditions of there is no decruption key basis
Data report on bulletin unit is using simple algorithm counting statistics result to verify the integrality of data.
According to a preferred embodiment of the invention, the method that described network data is assembled further includes:
Initial phase
The groundwork of data aggregation process initial phase is to be responsible for generating common parameter, secret by data aggregation server
Close random number, the alternate data item set of encryption.It is assumed that the public key pk of data aggregation servervaDistributed with reliable way
Give all participants of data gathering system.With public key pkvaCorresponding private key skvaUtilize thresholding secret by multiple child servers
Close secret sharing is held jointly.Data service aggregation implement body initial work to be completed is as follows.
Generate common parameter
Data aggregation server is responsible for generating following common parameter:
1. generate two Big prime p, q, meet 2q=p-1, and in groupUpper discrete logarithm problem is difficult to resolve.That is, two are generated
Individual Big prime p, q, meet 2q=p-1, and require the group being formed according to pOn discrete logarithm problem difficulty assume set up,
Thus ensureing that the data item encrypted is not cracked.
2. exist, in randomly select q rank element g, h, and set and generated by gCyclic subgroup be g.Because g and h is
The child servers of multiple data aggregation servers randomly select jointly, so under discrete logarithm problem difficulty is assumed, not having
Someone can know that the discrete logarithm with regard to g for the h.
3. secure hash function h1: { 0,1 }*→zq, it will be used for constructing non-interactive type when generating encryption alternate data item
Zero-knowledge proof.
4. suppose to participate in the terminal that data assembles and be up to n (actual be certainly less than equal to n), data aggregation server needs
The number n=ε n of the alternate data item of encryption to be determined in advance, wherein ε >=2 are a safety coefficient.Each Intellisense terminal
Averagely can arrange alternate data item number be ε, wherein only one as valid option, other options can be by Intellisense
Terminal is used for the confidence level of inspection data aggregation node.ε is bigger, and the terminal participating in checking work is more, data aggregation node
Cheating is more easily tested out.Obviously, ε is bigger, and the expense of system is also bigger, therefore actual deployment when will be in security
A balance is done and efficiency between.Suggestion ε takes 5 or 10.
The above-mentioned common parameter that data aggregation server generates, including p, q, g, h, n, n, hash function h1Description letter
Breath, alternate data item set { c1, c2..., cm, bulletin unit will be published to before data gathering starts, and enclose
The digital signature of data aggregation server.Any participant can obtain these common parameters, and utilizes public key pkvaChecking is public
The authority of co-information.
In addition, normal operation of system necessarily assumes that parameter n and m meets condition:Wherein
WithRepresent respectively and take whole and take off whole.
Generate the alternate data item set of encryption
Assume that alternative collection of data items is { c1, c2..., cm, and parameter n and m meet conditionIfAssemble before the stage starts in data, data aggregation server each
Participant combines the alternate data item set generating n encryption using following manner.
1. from integer set [0,1 ..., 2e] in take 2m group (every group n-1) random number:
{k1,1, k1,2..., k1, n-1, { k2,1, k2,2..., k2, n-1..., { kM, 1,kM, 2..., kM, n-1,
{t1,1, t1,2..., t1, n-1}{t2,1, t2,2..., t2,n-1..., { tM, 1, tm,2..., tm,n-1}
Then calculate:
Calculated again based on result above:
{ the k that easily proof generates according to the method described above1, k2..., kn}、{t1,t2..., tnNecessarily satisfying for:
{k1, k2..., kn}、{t1, t2..., tnPacify as secret value during generating encryption alternate data item set
Full mode is preserved.
2. data aggregation server calculates:
It can easily be proven that { w1, w2..., wnMeet:
Can be by { w1, w2..., wnRegard as with regard to secret random number { k1, k2..., kn}、{t1, t2..., tn?
Safety certificate (commitment).Safety certificate will not betray the pot to the roses any information of random number, and in discrete logarithm problem
Under difficulty is assumed, once announcing safety certificate, data aggregation server will be unable to using one group of different random number { k '1, k
′2..., k 'n}、{t′1, t '2..., t 'nBe used for producing alternate data item set.
3. data aggregation server generates and encrypts alternate data item set:
vJ, i=kj+2e(i-1),I=1,2 ..., m,
J=1,2 ..., n
P in above formulaJ, i=nizk{tj|a(tj) represent with regard to secret value tjNon-interactive zero-knowledge proof.By pj,i,
Data aggregation server can be in value t that do not betray the pot to the rosesjOn the premise of it was demonstrated that meet assert a (tj) set up, thus not revealing
kjOn the premise of prove vJ, iBuilding method meet agreement regulation.Construct this non-interactive zero-knowledge proof and will use Hash
Function h1: { 0,1 }*→zq.
{(vJ, 0, pJ, 0), (vJ, 1,pJ, 1) ..., (vJ, m, pJ, m) constitute an alternate data item group encrypted, such
Alternate item group has n, constitutes the alternate data item set of encryption: { (vj,0, pj,0), (vj,1,pj,1) ..., (vj,m, pj,m)}
(j=1,2,...,n).When submitting data to, if Intellisense terminal selects ci, then by data aggregation node by option (vj,i,
pj,i) report to data aggregation server.And (vJ, 0, pJ, 0) more special, Validation of Data will be used for.
4. data aggregation server can be by n encryption alternate data item { (v of above-mentioned generationJ, 0, pJ,0), (vj,1,
pJ, 1) ..., (vj,m, pJ, m) (j=1,2 ..., n) be divided into multiple subsets (according to data aggregation node number), and use respectively
Secured fashion imports in the background data base of multiple data aggregation nodes.
5. data aggregation server is by { k1, k2..., kn}、{t1,t2..., tnEtc. secret value delete, by { w1,
w2..., wnBe published on bulletin unit and enclose the digital signature of oneself.Any participant can be by checkingWhether the encryption alternate data item set whether setting up the generation of inspection data aggregation server meets protocol requirement.
Registration phase
In registration phase, each participate in intelligent terminal that data assembles before the gathering stage starts first with line and
The mode combining online is registered to data aggregation server.Concrete register method is:
1. the manager of data aggregation server utilizes line under type (offline) to verify the legitimacy of intelligent terminal, example
As checked the identity card of terminal holder or the product id of terminal.Check unsuccessfully, then terminate registration process immediately.
2. each terminal tiGenerate a pair of public private key pair (yi, xi).The public key signature algorithm being adopted can be any
It is proved to safe algorithm, such as rsa algorithm, dsa algorithm etc..Data aggregation server and intelligent terminal both sides are calculated to using which class
Method is arranged in advance.
3. terminal tiBy public key yiIt is sent to data aggregation server.For proving that this terminal holds and public key yiCorresponding private
Key, server generates random number r, and using r | | timestamp represents the time as challenge message m, wherein timestamp
Stamp.Server makes terminal generation with regard to digital signature sig (m) of m, the then validity of inspection signature sig (m).Check unsuccessfully,
Then terminate registration process immediately, otherwise proceed next step.
4. after inspection, public key yiThe certification being saved in data aggregation server by the assumed name as this intelligent terminal is believed
In breath list ac_list.Private key xiSecret preservation is responsible for by terminal oneself.
5. list of public keys n_list of all valid data nodes is downloaded in the memory of intelligent terminal.Registration process
Terminate.
In above-mentioned registration process, only data aggregation server knows assumed name yiWith the corresponding relation of physical end id,
And this corresponding relation cannot be obtained for data aggregation node, the user of data gathering system.Therefore, provide here necessarily
End user privacy protection.
Data assembles the stage
Assemble the stage in data, Intellisense terminal interacts formula with apart from oneself nearest data aggregation node first
Then the data is activation of collection in worksite is given this data aggregation node by certification.These data are passed through meter by data aggregation node again
Calculation machine network sends data aggregation server to.The specific course of work is as follows.
1. after data perception intelligent terminal reaches in the range of the efficient communication of certain data aggregation node, first with this section
Point completes interactive authentication.Because terminal holds list of public keys n_list of all valid data aggregation nodes it is possible to profit
With " challenge response " method, valid data aggregation node is authenticated.On the other hand, because data aggregation node can be from
The list t_list of legal terminal is obtained on data aggregation server it is possible to " challenge response " method of utilization is to legal
Data perception intelligent terminal is authenticated.
2. interactive authentication passes through afterwards, and data aggregation node sends all alternate data items in plain text to intelligent terminal, will
Set { c1, c2..., cmIt is sent to terminal.
3. terminal according to field measurement data from { c1, c2..., cmIn select corresponding option (be assumed to ci), and will
The selection of oneself is sent to data aggregation node.
4. data aggregation node is from alternate data item the set { (v of encryptionj,0, pj,0), (vj,1,pj,1) ..., (vj,m,
pJ, m) (j=1,2 ..., n) in appoint take an option group { (vk,0, pj,0), (vj,1,pj,1) ..., (vj,m,pj,m), then will
With ciCorresponding (vj,i,pJ, i) as the encryption alternate data item ultimately generating.
Data aggregation node is by vJ, iCorresponding binary string is divided into m part from low level to a high position, each part bag
Containing e bit (the comprised bit number of highest bit position is likely larger than e), then concatenate into m with m partial binary individual corresponding
Ten's digit (d1, d2..., dm).
Data aggregation node is by option (vj,i, pJ, i)、(d1, d2..., dm) and digital signature s of oneselfnIt is sent to end
End.
5. after terminal authentication node digital signature validity, there are two kinds of selections: " re-entering " and " submitting to ".
If selected " submitting to ", terminal utilizes the private key x of oneselfiTo data { (v to be submitted toj,i,pj,i),(d1,
d2..., dm) generate digital signature st, then will sign stIt is sent to data aggregation node.Data aggregation node generates final
Data report report={ yi, (vj,i, pJ, i),(d1, d2..., dm), sn, st, wherein yiIt is the assumed name of terminal.Data is gathered
Data report is sent to data aggregation server by collection node, and returns success message to terminal.After submitting success to, intelligence is felt
Know that terminal preserves data report, and leave.
If terminal selects " re-entering ", data aggregation node startup " data report validation verification " flow process (after
Its detailed process is terminated in face) verify the encrypted data item { (v that data aggregation node generatesj,i,pj,i),(d1, d2..., dm) be
No real to should terminal submission data ci.After being verified, return the 3rd step, terminal resubmits data, node
Regenerate corresponding encrypted data item.
6., after the data accumulative phase terminates, each data aggregation node is by oneself remaining standby alternate data item set
{(vj,0,pj,0), (vj,1, pj,1),...,(vj,m,pj,m) (vj,0, pj,0) partly it is sent to data aggregation server, and indicate
For " calcellation ".
Through above 6 steps, the data report of each Intellisense terminal has been submitted to data in an encrypted form and has assembled clothes
The bulletin unit of standby device, anyone can inquire about.
The idiographic flow of " the data report validation verification " of the 5th step is as follows above:
(1), after data aggregation node receives " re-entering " request of terminal, data aggregation node is by (vJ,0, pJ, 0)
And vJ, 0Corresponding m decimal number { d '1, d '2..., d 'mIt is sent to terminal.
(2) Intellisense terminal is verified on the spot: for two groups of digital { d1, d2..., dmAnd { d '1, d '2..., d 'm,
Except di-d′i=1, other m-1 numerals are all equal.If be unsatisfactory for, illustrate data aggregation node in cheating.
(3) p of Intellisense terminal authentication node outputj,0、pJ, iAnd digital signature s of data aggregation nodenWhether
Effectively.If invalid, terminal terminates submitting data to this node, and thinks that data assembles clothes after can retaining relevant evidence
This node complained by business device.
(4) if data item (vj,i,pj,i) being used for doing validation verification, then this data item is equivalent to and is cancelled.Data
Aggregation node is only by (vi,0, pj,0) it is submitted to data aggregation server.
The data statistics stage
After data aggregation process terminates, the information that data aggregation server is announced on unit is locked.Data service aggregation
Device first checks for announcing in the data report list on unit whether comprise n item, if less than n, some preliminary data items is then described
Lose.After the preliminary data item polishing that will lose, anyone can be according to the information counting statistics result on bulletin unit.
If the item set announced on bulletin unit is combined into { (v1, p1), (v2, p2) ..., (vn, pn), each vi(1≤i
≤ n) corresponding m ten's digit be { di,1, di,2..., di,m}.
So, option cj(1≤j≤m) final statistics rjFor
Statistics can be obtained by simple modulo addition.And the validity of each data report can be passed through
Zero-knowledge proof piAnd the validity of associated digital signature tests.
As follows from the principle of statistic algorithm: to be can be seen that often according to the process of the preliminary data option set generating encryption
Data options v of individual encryptionj(1≤j≤n) without being marked as cancelling, is then represented byShape
Formula, wherein bj∈ { 1,2 ..., m };If being marked as cancelling, v can be expressed asj=kjForm.bjValue depend on right
Answer the actual selection of Intellisense terminal.If Intellisense terminal have selected alternate item ci, then bj=i.
Further, kjCan be expressed asForm.Therefore, with vjCorresponding m ten's digit
dj,i(i=1,2 ..., m) can be expressed as kI, j+bI, jForm.Wherein bi,jValue 0 or 1, if 1 then it represents that being to select
Alternate data item ci.If bj=i, then bi,j=1, and bk,j=0(k≠i).In vjDuring for cancelling, bI, j(i=1,2 ..., m) all etc.
In 0, do not select any alternate data item.
According to generate standby suggestion option set process it is known thatTherefore,
I.e. riFor alternate item ciSupport number.
Had the advantage that compared with the conventional method according to the data method for congregating of the present invention
Statistics is simple
One of advantage of designed data gathering system is that statistics is simple.This feature is mainly reflected in following two aspects.
1. from statistics.After data aggregation process terminates, any system user can be public according to data aggregation server
Accuse the public information counting statistics result on unit.Whole statistic processes does not need to trust and relies on any statistics center, therefore
Considerably increase the transparency of data gathering.
2. statistic algorithm is simple.Only need in statistic processes use very simple modulo addition.Realize statistic algorithm
Computer program be also easily understood very much, need not rely on minority security expert realize software, therefore increase further
The confidence level of statistics.
Verifiability
According to designed data method for congregating, almost all have in whole data aggregation process links and can verify that
Property, that is, observer or participant can check this link to whether there is cheating.The verifiability of this reinforcement ensure that number
According to assemble result integrality and credibility.
1. pair alternate data item collection closes the checking of generating process
In the generating process of alternate data item set, can be by disclosed random commitment value on inspection bulletin unit
(w1, w2..., wnWhether meet:
To verify the secret random value { k generating alternate data item set1, k2..., kn}、{t1,t2..., tnWhether accord with
Close following conditions:
Above-mentioned two condition is the key realized from statistics.In addition, under discrete logarithm problem difficulty is assumed, once public
Cloth safety certificate { w1, w2..., wn, data aggregation server will be unable to using a different set of random number { k '1, k '2...,
k′n}、{t′1,t′2,...,t′nBe used for producing alternate data item set, therefore take precautions against data aggregation server and levied in suggestion
The collection stage conspires the cheating of modification alternate data item with data aggregation node.
2. alternate data item verification of correctness
Any participant can be by checking zero-knowledge proof pJ, iValidation verification data aggregation server generate
Data item vj,iCorrectness, that is, verify vJ, iWhether the middle alternate item with cipher mode encapsulation belongs to the alternate item set specified
{c1, c2..., gm, and only encapsulate one of alternate item.
3. data aggregation node honesty checking
During assembling data submission, if the intelligent terminal participating in data gathering have selected alternate item ci, one is not
The data report that honest data aggregation node generates may correspond to alternate item ck(k ≠ i), has thus run counter to Intellisense eventually
The wish at end.
System adopts following verification method to take precautions against above-mentioned cheating: Intellisense terminal randomly chooses one alternatively first
Item ci, then data aggregation node will be with ciCorresponding encryption data report (comprises { d1, d2..., dmAnd (vj,i,pJ, i)) output,
And append the signature of oneself.If terminal is abandoned afterwards " confirm submit to ", node is by (vJ, 0, pJ, 0) and vJ, 0Corresponding m
Decimal number { d '1, d '2..., d 'mOutput.By contrasting two groups of numerals and inspection pJ, iAnd pJ, 0Validity it is possible to inspection
Test node output whether data report real and ciCorresponding.After this starts to generate report, node cannot determine Intellisense
Terminal selects " confirming to submit to " or " abandoning ", once guessing wrong, node will be unable to deny, because node has exported the numeral of oneself
Signature.Therefore it is directed to the checking of single Intellisense terminal, the node successful probability of cheating only has 1/2.Feel if there are f intelligence
Know that terminal did inspection, then node can practise fraud successful probability for (1/2)f.The process being become by alternate data item collection symphysis can
Know, the number n=ε n of standby alternate data item, ε take 5 or 10.Therefore each Intellisense terminal averagely can use 5 or 10
Standby suggestion option, averagely has 4 or 9 checking machine meetings.During large-scale data is assembled, as long as there being fraction Intellisense terminal-pair
The honesty of node did inspection, and the probability that node can successfully be practised fraud is very little.
4. Intellisense terminal legality checking
Anyone can be according to Information Authentication disclosed on data aggregation server: only through the legal intelligence of certification
Terminal in perception terminal assumed name list t_list have submitted data report, and each data report has attached and assumed name yiPhase
Join digital signature..
5. whether the data report of Intellisense terminal authentication oneself is counted into final result
After completing suggestion submission, Intellisense terminal can obtain the number that data aggregation server announces unit output
According to.Intellisense terminal can check whether the data report of oneself occurs in the data report list announced on bulletin unit
In.If it is not, can appeal to data aggregation server, the evidence (data that data aggregation server preserves according to terminal
Data is had to assemble the signature of data aggregation node in report) find cheating node.
Personal secrets
Personal secrets in data aggregation process refer to except terminal use oneself, and attacker cannot determine that this terminal is real
Which alternate data item border have submitted.Set data gathering system is from protecting to terminal privacy following aspects:
1. the data report being published to data aggregation server bulletin unit all employs encrypted form.(data item form
For vj=kj+2e(bj-1), wherein kjEncryption key can be considered), the validity of data item proves pjAlso alternate item letter will not be exposed
Breath (this is to be ensured by the characteristic of zero-knowledge proof), therefore (knows k in addition to data aggregation serveri), anyone is
The data of the actual submission of Intellisense terminal cannot be judged by the data report announced is announced on unit.
2. although data aggregation node knows data options vjThe alternate item of middle encryption, but they only know Intellisense eventually
The assumed name at end, can not be by data options vjGet up with the true identity information association of Intellisense terminal.
It should be noted that these accompanying drawings are intended to the general characteristic of description method, make in certain exemplary embodiments
Structure and/or material, and be intended to description provided below is supplemented.However, what these accompanying drawings were not drawn to, and
And be not fine structure or the Performance Characteristics accurately reflecting the embodiment arbitrarily providing, and also should not be construed as and pass through
Illustrative embodiments are defined to the number range being comprised or attribute or limit.In various figures using same or phase
Same reference is intended to instruction and there is same or identical element or feature.
Brief description
Generally describe the present invention, referring now to accompanying drawing, it is drawn not necessarily in regulation ratio, wherein:
Fig. 1 is the structural representation of Intellisense terminal data lens system according to the preferred embodiment of the present invention;
Fig. 2 is the structural representation of data aggregation server according to the preferred embodiment of the present invention;
Fig. 3 is the method carrying out data gathering using network data lens system according to the preferred embodiment of the present invention
Flow chart;
Fig. 4 is the side carrying out data gathering using network data lens system according to another preferred embodiment of the present invention
The flow chart of method;And
Fig. 5 is the side carrying out data gathering according to further embodiment of the present invention using network data lens system
The flow chart of method.
Specific embodiment
Although illustrative embodiments can carry out various change and adopt alternative form, embodiments thereof is as reality
Apply example to be given in the accompanying drawings, and will be described in detail herein.It is to be understood, however, that should not be by exemplary embodiment party
Formula is defined to particular forms disclosed, on the contrary, illustrative embodiments be intended to fall into right to go in the range of all
Modification, equivalent and substitute.In the description of whole accompanying drawing, identical reference represents identical element.
With reference to the accompanying drawings and detailed description, by once on a large scale as a example network data accumulation process, to the present invention
Described network data lens system and its correlation technique are described further.
Fig. 1 is the structural representation of Intellisense terminal data lens system according to the preferred embodiment of the present invention.As
Shown in Fig. 1, Intellisense terminal data lens system 100 includes: client terminal 101, data aggregation server 102, many numbers
According to aggregation node 103 (103a, 103b ..., 103n) and multiple Intellisense terminal (104a, 104b, 104c, 104d, 104e and
104f).Preferably, client terminal 101 can be any type device that can run and store various applications, for example individual number
Word assistant (pda), smart mobile phone, tablet PC, radio telephone, mobile computing device, camera, video recorder, audio frequency/
Video player, location equipment (for example, global positioning system (gps) equipment), game station, wireless device or various other
Similar equipment or a combination thereof.
Preferably, data aggregation server 102 is that by any computer equipment of data gathering, can be independent
Server or multiple server composition cluster server.Data aggregation server 102 includes: bulletin unit, registering unit,
Initialization unit, data accumulation unit data statistic unit, wherein will be explained below introducing the concrete function of unit.
Preferably, each of multiple data aggregation nodes 103 (103a, 103b ..., 103n) are suitable to assemble clothes using network data
In business device, the log-on message of multiple Intellisense terminals of storage is authenticated to corresponding Intellisense terminal, by certification
Intellisense terminal determines the data being associated with described Intellisense terminal in the alternate data item of encryption, and described data is gathered
Collection nodes records four-tuple < Intellisense terminal assumed name, encrypted data item, the signature of Intellisense terminal, data aggregation node
Signature >, submit to data aggregation server as data report.Preferably, each of multiple data aggregation nodes are equal
Meet the data collected from least one Intellisense terminal.As shown in figure 1, data aggregation node 103a is with Intellisense eventually
End 104a and 104b connects, and is responsible for collecting the data from Intellisense terminal 104a and 104b.Data aggregation node 103b with
Intellisense terminal 104c connects, and is responsible for collecting the data from Intellisense terminal 104c.Data aggregation node 103n and intelligence
Perception terminal 104d, 104e and 104f can connect, be responsible for collecting the data from Intellisense terminal 104d, 104e and 104f.
Each data aggregation node is each responsible for the Intellisense terminal of its respective connection is authenticated.
Preferably, each of multiple Intellisense terminals (104a, 104b, 104c, 104d, 104e and 104f) are suitable to
The data being associated with described Intellisense terminal is determined in the alternate data item of encryption.The plurality of Intellisense terminal can
To be being geographically spread out or geographically neighbouring.Preferably, Intellisense terminal can be various types of sensors, for example
Sound transducer, humidity sensor, temperature sensor, pressure sensor etc..Preferably, Intellisense terminal can be various clothes
Business terminal, such as atm automatic cash dispenser, atm ATM, atm automatic teller machine.Preferably, Intellisense terminal can
To be any type device that can run and store various applications, such as personal digital assistant (pda), smart mobile phone, flat board
Computer, radio telephone, mobile computing device, camera, video recorder, audio/video player, location equipment are (for example,
Global positioning system (gps) equipment), game station, wireless device or various other similar equipment or a combination thereof.
Preferably, data aggregation server is responsible for safeguarding the corresponding relation between data aggregation node and Intellisense terminal
(such as annexation), and above-mentioned relation is stored in corresponding memory cell.When Intellisense terminal is gathered from a data
Collection node be switched to another data aggregation node, when the offline or new Intellisense terminal of Intellisense terminal is reached the standard grade, data
Aggregation server is responsible for the corresponding relation between distribution, modification, record data aggregation node and Intellisense terminal.
Fig. 2 is the structural representation of data aggregation server according to the preferred embodiment of the present invention.Preferably, data is gathered
Collection server 102 includes: bulletin unit, registering unit, initialization unit, data accumulation unit data statistic unit.
Preferably, registering unit is used for before network data accumulation process starts, using combine under line and online
Mode is registered to each Intellisense terminal.Preferably, it is possible to use online mode passes through internet to each intelligence
Perception terminal is registered.Or, can by under line in the written signature in appointed place log-in protocol by way of registered.?
After registration step, generate public, private key pair for each Intellisense terminal, public key as the assumed name of its own and is sent to
Data aggregation server, and preserve private key in the memory cell of its own.Preferably, described assumed name refers to Intellisense
The another name of terminal.Preferably, the data report that its own is submitted to using private key pair is carried out numeral label by described Intellisense terminal
Name, to ensure that data is not tampered with.After data aggregation server verifies the legitimacy of described Intellisense terminal, by described intelligence
The public key of perception terminal is saved in legal assumed name list.Preferably, by described digital signature prevent data aggregation node and
Data aggregation server is distorted to data.
Preferably, initialization unit is used for generating common parameter, and chooses random number according to common parameter, thus according to
Random number calculates and generates secret random number.Preferably, initialization unit calculates according to described common parameter and secret random number
The safety certificate being associated with secret random number.Preferably, initialization unit according to described common parameter, secret random number and
The safety certificate being associated with secret random number generates the alternate data item set of encryption;
Preferably, data accumulation unit is used for for the alternate data item set of described encryption being input to each data in network
In the background data base of aggregation node.Preferably, data accumulation unit is by the authentication information of all legal Intellisense terminals
List be input to the background data base of each data aggregation node;
Preferably, data statistics unit is used for four-tuple < the intelligence sense according to the Intellisense terminal collected in network
Know terminal assumed name, encrypted data item, the signature of Intellisense terminal, the signature of data aggregation node > carry out data statistics, according to
Described data statistics determines that data assembles result.Illustrate, the four-tuple of Intellisense terminal 104a can be taking Fig. 1 as a example
< public key of Intellisense terminal 104a, the data item of encryption, the signature of Intellisense terminal 104a, data aggregation node 103a
Signature >.Wherein, the data item of encryption is data gathering system actually active data to be collected, the such as network bandwidth, link
The data that the Intellisense terminal such as utilization rate, node load can be collected.
In addition, data aggregation node, using the note of multiple Intellisense terminals of storage in network data aggregation server
Volume information is authenticated to corresponding Intellisense terminal, by the Intellisense terminal of certification in the alternate data item of encryption
Determine the data being associated with described Intellisense terminal, < Intellisense terminal is false for described data aggregation node record four-tuple
Name, encrypted data item, the signature of Intellisense terminal, the signature of data aggregation node >, submit to data as data report and gather
Collection server.Data intelligence perception terminal is associated with described Intellisense terminal for determining in the alternate data item of encryption
Data.
Fig. 3 is the method carrying out data gathering using network data lens system according to the preferred embodiment of the present invention
Flow chart.As shown in figure 3, methods described includes the following four stage:
1. initial phase:
In the initial phase of data aggregation process, establish data aggregation server first, afterwards clothes are assembled by this data
Business device is responsible for generating common parameter, secret random number, the alternate data item set of encryption.It is assumed herein that data aggregation server
Public key pkvaAll participants of data gathering system have been given with reliable way distribution.With public key pkvaCorresponding private key
skvaJointly held using threshold secret sharing scheme by multiple child servers.Data service aggregation implement body complete following just
Beginning chemical industry is made.
1.1. generate common parameter
The data aggregation server following common parameter of generation:
1) generate two Big prime p, q, meet 2q=p-1, and in groupUpper discrete logarithm problem is difficult to solve.That is, two
Individual Big prime p, q, meet 2q=p-1, and require the group being formed according to pOn discrete logarithm problem difficulty assume set up,
Thus ensureing that the data item encrypted is not cracked.
2) existIn randomly select q rank element g, h, and set and generated by gCyclic subgroup be g, guarantee do not have simultaneously
Someone can know that the discrete logarithm with regard to g for the h.
3) secure hash function h1: { 0,1 }*→zq, it will be used for constructing non-interactive type when generating encryption alternate data item
Zero-knowledge proof.
4) suppose to participate in the terminal that data assembles and be up to n (actual be certainly less than equal to n), data aggregation server needs
The number n=ε n of the alternate data item of encryption to be determined in advance, wherein ε > 2 are a safety coefficient.
The above-mentioned common parameter that data aggregation server generates, including p, q, g, h, n, n, hash function h1Description letter
Breath, alternate data item set { c1, c2..., cm, all it was published to bulletin unit before data gathering starts, and enclose number
Digital signature according to aggregation server.
In addition, normal operation of system necessarily assumes that parameter n and m meets condition:WhereinWithRepresent respectively and take whole and take off whole.
1.2. generate the alternate data item set of encryption:
Assume that alternative collection of data items is { c1, c2..., cm, and parameter n and m meet condition
IfBefore the data gathering stage starts, each participant of data aggregation server utilizes following manner to join
Symphysis becomes the alternate data item set of n encryption.
1) from integer set [0,1 ..., 2e] in take 2m group (every group n-1) random number:
{k1,1, k1,2..., k1, n-1, { k2,1, k2,2..., k2,n-1..., { kM, 1, kM, 2..., kM, n-1,
{t1,1, t1,2..., t1,n-1, { t2,1, t2,2,..., t2, n-1..., { tM, 1, tM, 2..., tm,n-1}
Then calculate:
Calculated again based on result above:
{ the k that easily proof generates according to the method described above1, k2..., kn}、{t1, t2..., tnNecessarily satisfying for:
{k1, k2..., kn}、{t1, t2..., tnPacify as secret value during generating encryption alternate data item set
Full mode is preserved.
2) data aggregation server calculates:
It can easily be proven that { w1, w2..., wnMeet:
Can be by { w1, w2..., wnRegard as with regard to secret random number { k1, k2..., kn}、{t1, t2..., tn?
Safety certificate (commitment).
3) data aggregation server generates and encrypts alternate data item set:
I=1,2 ..., m,
J=1,2 ..., n
P in above formulaJ, i=nizk{tj|a(tj) represent with regard to secret value tjNon-interactive zero-knowledge proof.By pJ, i,
Data aggregation server can be in value t that do not betray the pot to the rosesjOn the premise of it was demonstrated that meet assert a (tj) set up, thus not revealing
kjOn the premise of prove vJ, iBuilding method meet agreement regulation.Construct this non-interactive zero-knowledge proof and will use Hash
Function h1: { 0,1 }*→zq.
{(vJ, 0pJ, 0), (vJ, 1, pJ, 1) ..., (vJ, mpJ, m) constitute an alternate data item group encrypted, such standby
Option group has n, constitutes the alternate data item set of encryption: { (vj,0, pJ, 0), (vJ, ipJ, 1) ..., (yJ, m, pJ, m)}(j=
1,2 ..., n).When submitting data to, if Intellisense terminal selects ci, then by data aggregation node by option (vJ, i,
pJ, i) report to data aggregation server.And (vj,0, pJ, 0) more special, Validation of Data will be used for.
4) data aggregation server encrypts alternate data item { (v by n of above-mentioned generationj,0, pJ, 0), (vj,1,
pJ, 1) ..., (pJ, m, pJ, m) (j=1,2 ..., n) be divided into multiple subsets (according to data aggregation node number), and use respectively
Secured fashion imports in the background data base of multiple data aggregation nodes.
5) data aggregation server is by { k1, k2..., tn}、{t1, t2..., tnEtc. secret value delete, by { w1, w2...,
wnBe published on bulletin unit and enclose the digital signature of oneself.Any participant can be by checkingWhether
Whether the encryption alternate data item set setting up the generation of inspection data aggregation server meets protocol requirement.
2. registration phase:
In registration phase, each participate in intelligent terminal that data assembles before the gathering stage starts first with line and
The mode combining online is registered to data aggregation server.Concrete register method is:
2.1. the manager of data aggregation server utilizes line under type (offline), and the product id of inspection terminal is testing
The legitimacy of card intelligent terminal.Check unsuccessfully, then terminate registration process immediately.
2.2. each terminal tiA pair of public private key pair is generated using the rsa algorithm appointed in advance with data aggregation server
(yi, xi).
2.3. terminal tiBy public key yiIt is sent to data aggregation server.For proving that this terminal holds and public key yiCorresponding
Private key, server generates random number r, and using r | | timestamp as challenge message m, when wherein timestamp represents
Between stab.Server makes terminal generation with regard to digital signature sig (m) of m, the then validity of inspection signature sig (m).Inspection is lost
Lose, then terminate registration process immediately, otherwise proceed next step.
2.4. after inspection, public key yiIt is saved in the certification of data aggregation server by the assumed name as this intelligent terminal
In information list ac_list.Private key xiPreserved by terminal is secret.
2.5. list of public keys n_list of all valid data nodes is downloaded in the memory of intelligent terminal.Registered
Journey terminates.
3. data is assembled the stage:
Assemble the stage in data, Intellisense terminal interacts formula with apart from oneself nearest data aggregation node first
Then the data is activation of collection in worksite is given this data aggregation node by certification.These data are passed through meter by data aggregation node again
Calculation machine network sends data aggregation server to.The specific course of work is as follows.
3.1. after data perception intelligent terminal reaches in the range of the efficient communication of certain data aggregation node, first with this
Node completes interactive authentication.Due to terminal hold all valid data aggregation nodes list of public keys n_list it is possible to
Using " challenge response " method, valid data aggregation node is authenticated.On the other hand, because data aggregation node is permissible
The list t_list of legal terminal is obtained from data aggregation server it is possible to " challenge response " method of utilization is to legal
Data perception intelligent terminal be authenticated.
3.2. interactive authentication passes through afterwards, and data aggregation node sends all alternate data items in plain text to intelligent terminal, that is,
{ c will be gathered1, c2,...,cmIt is sent to terminal.
3.3. terminal according to field measurement data from { c1, c2..., cmIn select corresponding option (be assumed to ci), and
The selection of oneself is sent to data aggregation node.
3.4. data aggregation node is from alternate data item the set { (v of encryptionj,0, pj,0), (vj,1, pJ, 1) ..., (vj,m,
pj,m) (j=1,2 ..., n) in appoint take an option group { (vj,0, pj,0), (vj,1,pj,1) ..., (vj,m, pj,m), then will
With ciCorresponding (vj,i,pJ, i) as the encryption alternate data item ultimately generating.
Data aggregation node is by vJ, iCorresponding binary string is divided into m part from low level to a high position, each part bag
Containing e bit (the comprised bit number of highest bit position is likely larger than e), then concatenate into m with m partial binary individual corresponding
Ten's digit (d1, d2..., dm).
Data aggregation node is by option (vj,i,pj,i)、(d1, d2..., dm) and digital signature s of oneselfnIt is sent to end
End.
3.5. there are two kinds of selections: " re-entering " and " submitting to " after terminal authentication node digital signature validity.
If selected " submitting to ", terminal utilizes the private key x of oneselfiTo data { (v to be submitted toj,i,pJ, i), (d1,
d2..., dm) generate digital signature st, then will sign stIt is sent to data aggregation node.Data aggregation node generates final
Data report report={ yi,(vj,i,pJ, i), (d1, d2..., dm), sn, st, wherein yiIt is the assumed name of terminal.Data is gathered
Data report is sent to data aggregation server by collection node, and returns success message to terminal.After submitting success to, intelligence is felt
Know that terminal preserves data report, and leave.
If terminal selects " re-entering ", data aggregation node startup " data report validation verification " flow process (after
Its detailed process is terminated in face) verify the encrypted data item { (v that data aggregation node generatesj,i,pJ, i), (d1, d2..., dm) be
No real to should terminal submission data ci.After being verified, return the 3.3rd step, terminal resubmits data, section
Point regenerates corresponding encrypted data item.
3.6., after the data accumulative phase terminates, each data aggregation node is by oneself remaining standby alternate data item collection
Close { (vj,0, pj,0), (vj,i,pj,1) ..., (vj,m,pj,m) (vj,0, pj,0) partly it is sent to data aggregation server, and note
Bright for " calcellation ".
Through above 6 steps, the data report of each Intellisense terminal has been submitted to data in an encrypted form and has assembled clothes
The bulletin unit of business device, anyone can inquire about.
The idiographic flow of " the data report validation verification " of the 5th step is as follows above:
(1), after data aggregation node receives " re-entering " request of terminal, data aggregation node is by (vJ, 0,pj,0) and
vJ, 0Corresponding m decimal number { d '1, d '2..., d 'mIt is sent to terminal.
(2) Intellisense terminal is verified on the spot: for two groups of digital { d1, d2..., dmAnd { d '1, d '2..., d 'm,
Except di-d′i=1, other m-1 numerals are all equal.If be unsatisfactory for, illustrate data aggregation node in cheating.
(3) p of Intellisense terminal authentication node outputj,0、pj,iAnd digital signature s of data aggregation nodenWhether
Effectively.If invalid, terminal terminates submitting data to this node, and thinks that data assembles clothes after can retaining relevant evidence
This node complained by business device.
(4) if data item (vj,j,pj,i) being used for doing validation verification, then this data item is equivalent to and is cancelled.Data
Aggregation node is only by (vj,0,pj,0) it is submitted to data aggregation server.
4. the data statistics stage:
After data aggregation process terminates, the information that data aggregation server is announced on unit is locked.Data service aggregation
Device first checks for announcing in the data report list on unit whether comprise n item, if less than n, some preliminary data items is then described
Lose.After the preliminary data item polishing that will lose, anyone can be according to the information counting statistics result on bulletin unit.
Circular is as follows.
If the item set announced on bulletin unit is combined into { (v1, p1), (v2, p2) ..., (vn, pn), each vi(1≤i
≤ n) corresponding m ten's digit be { di,1, di,2..., dI, m}.
So, option cj(1≤j≤m) final statistics rjFor
Statistics can be obtained by simple modulo addition.And the validity of each data report can be passed through
Zero-knowledge proof piValidity and the validity of digital signature test.
Fig. 4 is the side carrying out data gathering using network data lens system according to another preferred embodiment of the present invention
The flow chart of method.Methods described from the beginning of step 401, assemble initially as starting point by data.Then proceed to step 402, intelligence
Perception terminal interacts formula certification with apart from oneself nearest data aggregation node first, then sends out the data of collection in worksite
Give this data aggregation node.Data aggregation node sends these data to data service aggregation by computer network again
Device.After data perception intelligent terminal reaches in the range of the efficient communication of certain data aggregation node, complete with this node first
Interactive authentication.Because terminal holds list of public keys n_list of all valid data aggregation nodes it is possible to utilize " matter
Inquiry response " method is authenticated to valid data aggregation node.On the other hand, because data aggregation node can gather from data
The list t_list of legal terminal is obtained on collection server it is possible to " challenge response " method of utilization is to legal data sense
Know that intelligent terminal is authenticated.
In step 403, judge whether by interactive authentication.When not passing through interactive authentication, proceed to step 412,
Process terminates.When by interactive authentication, carry out step 404, data aggregation node sends all alternative numbers to intelligent terminal
According to item in plain text, { c will be gathered1, c2..., cmIt is sent to terminal.
Terminal is according to field measurement data from { c1, c2..., cmIn select corresponding option (be assumed to ci), and will be from
Oneself selection is sent to data aggregation node.
Data aggregation node is from alternate data item the set { (v of encryptionj,0,pj,0), (vj,1,pj,1) ..., (vj,m, pj,m)}
(j=1,2 ..., n) in appoint take an option group { (vj,0, pj,0), (vj.1,pJ, 1) ..., (vj,m,pj,m), then will be with ciRight
(the v answeringj,i,pJ, i) as the encryption alternate data item ultimately generating.
Data aggregation node is by vj,iCorresponding binary string is divided into m part from low level to a high position, each part bag
Containing e bit (the comprised bit number of highest bit position is likely larger than e), then concatenate into m with m partial binary individual corresponding
Ten's digit (d1, d2..., dm).Data aggregation node is by option (vj,i,pJ, i)、(d1, d2..., dm) and the numeral of oneself
Signature snIt is sent to terminal.
In step 405, aggregation node generates data report.
Selected after step 406, terminal authentication node digital signature validity: " re-entering " and " pinch friendship ".
If selected " submitting to ", carry out step 407, terminal utilizes the private key x of oneselfiTo data { (v to be submitted toj,j,
pJ, i), (d1, d2..., dm) generate digital signature st, then will sign stIt is sent to data aggregation node.In step 408, number
Generate final data report report={ y according to aggregation nodei, (vj,i, pJ, i), (d1, d1..., dm), sn, st, wherein yiIt is
The assumed name of terminal.Data report is sent to data aggregation server by data aggregation node, and returns success message to terminal.Carry
After handing over success, Intellisense terminal preserves data report, and leaves.
If selecting " re-entering " in step 406, carry out step 409 it is desirable to data is assembled and announced evidence.Step
410, data aggregation node starts " data report validation verification " flow process and (terminates its detailed process two checking data below to assemble
The encrypted data item { (v that node generatesj,i, pJ, i), (d1, d2..., dm) whether really to should terminal submission data
ci.In step 411, it is determined whether by checking, if not verified, carry out step 412, process terminates;If passed through
Checking, then return to step 404, terminal resubmits data, node regenerates corresponding encrypted data item.
Preferably, at step 412, after the data accumulative phase terminates, each data aggregation node is remaining standby by oneself
With alternate data item set { (vj,0, pJ, 0), (vj,1, pj,1) ..., (vj,m,pj,m) (vJ, 0, pJ, 0) partly it is sent to data
Aggregation server, and it is labeled as " calcellation ".
Through step, the data report of each Intellisense terminal has been submitted to data aggregation server in an encrypted form
Bulletin unit, anyone can inquire about.
Preferably, the idiographic flow of " data report validation verification " above is as follows:
(1), after data aggregation node receives " re-entering " request of terminal, data aggregation node is by (vj,0, pj,0) and
vj,0Corresponding m decimal number { d '1, d '2..., d 'mIt is sent to terminal.
(2) Intellisense terminal is verified on the spot: for two groups of digital { d1, d2..., dmAnd { d '1, d '2..., d 'm,
Except di-d′i=1, other m-1 numerals are all equal.If be unsatisfactory for, illustrate data aggregation node in cheating.
(3) p of Intellisense terminal authentication node outputj,0、pj,iAnd digital signature s of data aggregation nodenWhether
Effectively.If invalid, terminal terminates submitting data to this node, and thinks that data assembles clothes after can retaining relevant evidence
This node complained by business device.
(4) if data item (vj,i, pJ, i) being used for doing validation verification, then this data item is equivalent to and is cancelled.Data
Aggregation node is only by (vj,0, pj,0) it is submitted to data aggregation server.
Fig. 5 is the side carrying out data gathering according to further embodiment of the present invention using network data lens system
The flow chart of method.Method 500 is applied to including network data aggregation server, multiple network data aggregation node and multiple intelligence
The system of perception terminal.Method 500 from the beginning of step 501, before network data accumulation process starts, using under line and online
The mode combining is registered to each the Intellisense terminal in multiple Intellisense terminals, for each Intellisense terminal
Generate public, private key pair, public key as the assumed name of its own and is sent to data aggregation server, and depositing at its own
Private key is preserved, the data report that it is submitted to using private key pair is carried out numeral label by wherein said Intellisense terminal in storage unit
Name, to ensure that data is not tampered with, after data aggregation server verifies the legitimacy of described Intellisense terminal, by described intelligence
The public key of perception terminal is saved in legal assumed name list.
In step 502, to the multiple Intellisense terminal broadcast message in network data lens system to start network number
According to accumulation process, the digital signature of the subsidiary described network data aggregation server of described message, to prevent attacker from disappearing to described
Cease distorts.
In step 503, the initialization unit using network data aggregation server generates common parameter.
In step 504, random number is chosen according to common parameter, and generation secret random number is calculated according to random number.
In step 505, the safety being associated with secret random number according to described common parameter and secret random number calculating
Certificate.
In step 506, according to described common parameter, secret random number and the safety certificate being associated with secret random number
Generate the alternate data item set of encryption.
In step 507, the data accumulation unit of network data aggregation server is by the alternate data item set of described encryption
It is input in the background data base of each data aggregation node in network, by the authentication information of all legal Intellisense terminals
List be input to the background data base of each data aggregation node.
In step 508, each of the plurality of data aggregation node utilizes in network data aggregation server and stores
The log-on message of multiple Intellisense terminals each of multiple Intellisense terminals are authenticated, by the intelligence of certification
Perception terminal Intellisense terminal can determine, in the alternate data item of encryption, the data being associated with described Intellisense terminal,
Described data aggregation node record four-tuple < Intellisense terminal assumed name, encrypted data item, the signature of Intellisense terminal, number
Signature according to aggregation node >, submit to data aggregation server as data report.
In step 509, the data statistics unit of network data aggregation server is according to the Intellisense collected in network
Four-tuple < Intellisense terminal assumed name, encrypted data item, the signature of Intellisense terminal, the label of data aggregation node of terminal
Name > carry out data statistics, determine that data assembles result according to described data statistics.
In step 510, the data of determination is assembled result and is announced using BBS mode, and provide to described
The data determining assembles inquiry and the checking of result.
It is noted, however, that all these terms being associated with suitable physical quantity and term similar are only
It is the easily label being applied to this tittle.Unless specifically stated otherwise, or substantially obtain from discuss, such as " process ", " count
Calculate ", " estimation ", " determination ", the term of " display " etc., be related to action and the place of computer system or similar electronic computing device
Reason, by being expressed as physical quantity in the RS of computer system, the data of amount of electrons is manipulated and is converted to
It is expressed as physical quantity in computer system memory or register or other such information-storing devices, transmission or display device
Other similar data.
Also, it should be noted aspect realized by the software of illustrative embodiments typically depositing in some form of program
Encoded on storage media, or realized on some type of transmission medium.Computer-readable medium can be that magnetic is (for example, soft
Disk or hard disk drive) or light (for example, compact disc read write, or " cd rom ") it is possible to be read-only or arbitrary access
's.Similarly, transmission medium can be twisted-pair feeder, coaxial cable, optical fiber or other suitable transmission medium well known in the art.
Illustrative embodiments are not limited to these aspects of any specified realization.
Claims (10)
1. a kind of method carrying out network data gathering using network data lens system, described system includes network data and assembles
Server, multiple network data aggregation node and multiple Intellisense terminal are it is characterised in that methods described includes:
Before network data accumulation process starts, using line under type and/or online mode in multiple Intellisense terminals
Each Intellisense terminal registered, for each Intellisense terminal generate public, private key pair, using public key as its own
Assumed name and be sent to data aggregation server, and in the Intellisense terminal memory cell of itself preserve private key, wherein
It is submitted to using private key pair data report is digitally signed by described Intellisense terminal, to ensure that data is not tampered with,
After data aggregation server verifies the legitimacy of described Intellisense terminal, the public key of described Intellisense terminal is saved in conjunction
In method assumed name list;
To the multiple Intellisense terminal broadcast message in network data lens system to start network data accumulation process, described
The digital signature of the subsidiary described network data aggregation server of message, to prevent attacker from described message is distorted;
Initialization unit using network data aggregation server generates common parameter,
Random number is chosen according to common parameter, and generation secret random number is calculated according to random number;
The safety certificate being associated with secret random number according to described common parameter and secret random number calculating;
The safety certificate be associated according to described common parameter, secret random number and with secret random number generates the alternative of encryption
The set of data item;
The alternate data item set of described encryption is input in network respectively by the data accumulation unit of network data aggregation server
In the background data base of individual data aggregation node, the list of the authentication information of all legal Intellisense terminals is input to
The background data base of each data aggregation node;
Each of the plurality of data aggregation node utilizes multiple Intellisenses of storage in network data aggregation server
The log-on message of terminal is authenticated to each of multiple Intellisense terminals, is being added by the Intellisense terminal of certification
The data being associated with described Intellisense terminal, described data aggregation node record four-tuple is determined in close alternate data item
<Intellisense terminal assumed name, encrypted data item, the signature of Intellisense terminal, the signature of data aggregation node>, by described four
Tuple submits to data aggregation server as data report;
The data statistics unit of network data aggregation server is according to the four-tuple < intelligence of the Intellisense terminal collected in network
Energy perception terminal assumed name, encrypted data item, the signature of Intellisense terminal, the signature of data aggregation node > carry out data statistics,
Determine that data assembles result according to described data statistics;And the data gathering result of determination is carried out using BBS mode
Announce, and inquiry and the checking of the data gathering result to described determination are provided.
2. method according to claim 1 it is characterised in that:
Described common parameter includes following part: 1) two Big prime p, q, meets 2q=p-1, and requires the group being formed according to pOn discrete logarithm problem difficulty assume set up, thus ensure encrypt alternate data item be not cracked;2) existIn with
Q rank element g, h that machine is chosen: generated by gCyclic subgroup be g;3) Intellisense terminal maximum value possible n, encryption
Alternate data item number n=ε n, wherein ε >=2 are safety coefficient;4) secure hash function h1:{0,1}*→zq, wherein zqFor group
And it is used for during the alternate data item generating encryption constructing non-interactive zero-knowledge proof;5) alternative item set is combined into
{c1,c2,…,cm, m is alternate data item number;
Described common parameter q, m and n meet condition:WhereinWithRepresent respectively and take
Go up whole and take off whole;
Described random number from set [0,1 ..., 2e] middle selection, wherein
3. method according to claim 1 it is characterised in that:
Described Intellisense terminal is sensor, point-of-sale terminal, personal digital assistant, smart mobile phone, tablet PC and wireless
One of phone.
4. method according to claim 2, the process wherein generating the alternate data item set of encryption specifically includes:
1) random number is chosen according to common parameter, and generation secret random number is calculated according to random number and include:
From integer set [0,1 ..., 2e] in take 2m group, wherein every group of n-1 random number:
{k1,1,k1,2,...,k1,n-1},{k2,1,k2,2,...,k2,n-1},…,{km,1,km,2,...,km,n-1},
{t1,1,t1,2,...,t1,n-1},{t2,1,t2,2,...,t2,n-1},…,{tm,1,tm,2,...,tm,n-1}
Wherein k and t represents random number;
Then calculate:
Calculated again based on result above:
{ the k generating according to the method described above1,k2,...,kn}、{t1,t2,...,tnNecessarily satisfying for:
With secured fashion by { k during the alternate data item set generating encryption1,k2,...,kn}、{t1,t2,...,tn}
Preserved as secret random number;
2) included with the safety commitment of secret random number according to described common parameter and secret random number calculating:
Calculate:
Wherein { w1,w2,...,wnMeet:
By { w1,w2,...,wnFor with regard to secret random number { k1,k2,...,kn}、{t1,t2,...,tnSafety certificate;Peace
The complete any information promising to undertake the random number that will not betray the pot to the roses, once announcing safety commitment, generation side cannot be using different secrets
Random number is producing the alternate data item of encryption;
3) safety commitment according to described common parameter, secret random number and secret random number generates the alternate data item of encryption
Set includes:
vj,i=kj+2e(i-1),I=1,2 ..., m,
J=1,2 ..., n
Above the small set { (v generatingj,0,pj,0),(vj,1,pj,1),...,(vj,m,pj,m) constitute the alternate data item encrypted,
The alternate data item of described encryption has n: { (vj,0,pj,0),(vj,1,pj,1),...,(vj,m,pj,m) (j=1,2 ..., n),
The alternate data item set of its composition encryption.
5. method according to claim 4 it is characterised in that:
The detailed process of the alternate data item validation verification of described encryption is as follows:
1) determine be associated with described Intellisense terminal alternate data item when, if Intellisense terminal have selected " standby
Select data item ci", then data aggregation node will be with ciAlternate data item { the d of corresponding encryption1,d2,...,dmAnd (vj,i,pj,i)
Output, and append the digital signature of Intellisense terminal;
2) when Intellisense terminal selects to confirm, if selected for " reselecting " option, then data aggregation node will
(vj,0,pj,0) and vj,0Corresponding m decimal number { d '1,d′2..., d 'mOutput, and reselected;
3) Intellisense terminal can be verified in real time: for two groups of digital { d1,d2,...,dmAnd { d '1,d′2,...,
d′m, except di-d′i=1, other m-1 numerals are all equal;If be unsatisfactory for, illustrate that the data of data aggregation node is deposited
In mistake;
4) terminate data submit to after, Intellisense terminal it is possible to verify that output pj,0、pj,iAnd the number of data aggregation node
Whether word signature is effective;If invalid, there is mistake in the data that terminal reports this data aggregation node to data aggregation server
By mistake;
5) if the alternate data item subitem (v of encryptionj,i,pj,i) being used as validation verification, then its corresponding encryption is alternative
Data item is equivalent to and is cancelled;Data aggregation node is only by (vj,0,pj,0) it is submitted to data aggregation server.
6. a kind of network data lens system, described system includes network data aggregation server, multiple network data assembles section
Point and multiple Intellisense terminals it is characterised in that
Described network data aggregation server includes:
Bulletin unit, to the multiple Intellisense terminal broadcast message in network data lens system to start network data gathering
Process, the digital signature of the subsidiary described network data aggregation server of described message, to prevent attacker from described message is usurped
Change;And, the data of determination is assembled result and is announced using BBS mode, and the data to described determination is provided
Assemble inquiry and the checking of result;
Registering unit, before network data accumulation process starts, is intelligently felt to each using line under type and/or online mode
Know that terminal is registered, generate public, private key pair for each Intellisense terminal, public key as the assumed name of its own and is sent
To data aggregation server, and preserve private key, wherein said Intellisense in the Intellisense terminal memory cell of itself
It is submitted to using private key pair data report is digitally signed by terminal, to ensure that data is not tampered with, data service aggregation
After the legitimacy of described Intellisense terminal verified by device, the public key of described Intellisense terminal is saved in legal assumed name list
In;
Initialization unit, generates common parameter, chooses random number according to common parameter, and it is secret to calculate generation according to random number
Random number;The safety certificate being associated with secret random number according to described common parameter and secret random number calculating;According to institute
State common parameter, secret random number and the collection of the alternate data item of safety certificate generation encryption being associated with secret random number
Close;
Data accumulation unit, the alternate data item set of described encryption is input to the backstage of each data aggregation node in network
In database;The list of the authentication information of all legal Intellisense terminals is input to the backstage of each data aggregation node
Database;
Data statistics unit, four-tuple < Intellisense terminal assumed name, the encryption according to the Intellisense terminal collected in network
Data item, the signature of Intellisense terminal, the signature of data aggregation node > carry out data statistics, true according to described data statistics
Fixed number is according to gathering result;
Data aggregation node, using in network data aggregation server storage multiple Intellisense terminals log-on message to phase
The Intellisense terminal answered is authenticated, by the Intellisense terminal of certification encryption alternate data item in determine with described
The data that Intellisense terminal is associated, described data aggregation node record four-tuple < Intellisense terminal assumed name, encryption data
, the signature of Intellisense terminal, the signature of data aggregation node >, described four-tuple is submitted to data as data report
Aggregation server;
Data intelligence perception terminal, determines the data being associated with described Intellisense terminal in the alternate data item of encryption.
7. network data lens system according to claim 6 it is characterised in that:
Described common parameter includes following part: 1) two Big prime p, q, meets 2q=p-1, and requires the group being formed according to pOn discrete logarithm problem difficulty assume set up, thus ensure encrypt alternate data item be not cracked;2) existIn
Q rank element g, h randomly selecting: generated by gCyclic subgroup be g;3) Intellisense terminal maximum value possible n, encryption
Alternate data item number n=ε n, wherein ε >=2 be safety coefficient;4) secure hash function h1:{0,1}*→zq, wherein zqFor
Group and be used for generate encryption alternate data item when construct non-interactive zero-knowledge proof;5) alternative item set is combined into
{c1,c2,…,cm, m is alternate data item number;
Described system common parameter q, m and n meet condition:WhereinWithRepresent respectively
Take whole and take off whole;
Described random number from set [0,1 ..., 2e] middle selection, wherein
8. network data lens system according to claim 6 it is characterised in that:
Described Intellisense terminal is sensor, point-of-sale terminal, personal digital assistant, smart mobile phone, tablet PC and wireless
One of phone.
9. network data lens system according to claim 7, the alternate data item set wherein generating encryption is specifically wrapped
Include:
1) random number is chosen according to common parameter, and generation secret random number is calculated according to random number and include:
From integer set [0,1 ..., 2e] in take 2m group, wherein every group of n-1 random number:
{k1,1,k1,2,...,k1,n-1},{k2,1,k2,2,...,k2,n-1},…,{km,1,km,2,...,km,n-1},
{t1,1,t1,2,...,t1,n-1},{t2,1,t2,2,...,t2,n-1},…,{tm,1,tm,2,...,tm,n-1}
Wherein k and t represents random number;
Then calculate:
Calculated again based on result above:
{ the k that easily proof generates according to the method described above1,k2,...,kn}、{t1,t2,...,tnNecessarily satisfying for:
{k1,k2,...,kn}、{t1,t2,...,tnPacify as secret random number during the alternate data item generating encryption
Full mode is preserved;
2) included with the safety commitment of secret random number according to described common parameter and secret random number calculating:
Calculate:
It can easily be proven that { w1,w2,...,wnMeet:
Can be by { w1,w2,...,wnRegard as with regard to secret random number { k1,k2,...,kn}、{t1,t2,...,tnSafety hold
Promise;Safety commitment will not betray the pot to the roses any information of random number, once announcing safety commitment, generation side cannot adopt different
Secret random number is used for producing the alternate data item of encryption;
3) safety commitment according to described common parameter, secret random number and secret random number generates the alternate data item of encryption
Set includes:
vj,0=kj,
vj,i=kj+2e(i-1),I=1,2 ..., m,
J=1,2 ..., n
The above { (v generatingj,0,pj,0),(vj,1,pj,1),...,(vj,m,pj,m) constitute an alternate data item encrypted, this
The alternate data item of the encryption of sample has n (the alternate data item set of composition encryption): { (vj,0,pj,0),(vj,1,
pj,1),...,(vj,m,pj,m) (j=1,2 ..., n).
10. network data lens system according to claim 9 it is characterised in that:
The detailed process of the alternate data item validation verification of described encryption is as follows:
1) when Intellisense terminal selects it is assumed that Intellisense terminal have selected " alternate item ci", then data aggregation node will be with
ciAlternate data item { the d of corresponding encryption1,d2,...,dmAnd (vj,i,pj,i) output, and append the digital signature of oneself;
2) when Intellisense terminal selects to confirm, if Intellisense terminal have selected " reselecting " option, data is gathered
Collection node is by (vj,0,pj,0) and vj,0Corresponding m decimal number { d '1,d′2,...,d′mOutput, and return to selection interface;
3) Intellisense terminal is verified on the spot: for two groups of digital { d1,d2,...,dmAnd { d '1,d′2,...,d′m, except di-
d′i=1, other m-1 numerals are all equal;If be unsatisfactory for, illustrate data aggregation node in cheating;
4), after terminating the alternate data item submission of encryption, Intellisense terminal can also be by means of the p of software verification outputj,0、
pj,iAnd whether the digital signature of data aggregation node is effective;If invalid, Intellisense terminal can be gathered to network data
Collection server complains this data aggregation node;
5) if the alternate data item subitem (v of encryptionj,i,pj,i) be used for doing validation verification, then the alternate data of this encryption
Item is equivalent to and is cancelled, and data aggregation node is only by (vj,0,pj,0) it is submitted to network data aggregation server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410010601.0A CN103680111B (en) | 2014-01-09 | 2014-01-09 | Method and system capable of verifying intelligent sensing terminal data aggregation |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410010601.0A CN103680111B (en) | 2014-01-09 | 2014-01-09 | Method and system capable of verifying intelligent sensing terminal data aggregation |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103680111A CN103680111A (en) | 2014-03-26 |
CN103680111B true CN103680111B (en) | 2017-01-25 |
Family
ID=50317524
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410010601.0A Expired - Fee Related CN103680111B (en) | 2014-01-09 | 2014-01-09 | Method and system capable of verifying intelligent sensing terminal data aggregation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103680111B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112308093B (en) * | 2020-11-24 | 2023-05-30 | 腾讯科技(深圳)有限公司 | Air quality perception method based on image recognition, model training method and system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1954538A (en) * | 2004-05-12 | 2007-04-25 | 艾利森电话股份有限公司 | Key management messages for secure broadcast |
CN101150849A (en) * | 2006-09-18 | 2008-03-26 | 华为技术有限公司 | Method for binding management secret key, system, mobile node and communication node |
CN101702807A (en) * | 2009-11-16 | 2010-05-05 | 东南大学 | Wireless security access authentication method |
CN102412967A (en) * | 2011-09-29 | 2012-04-11 | 用友软件股份有限公司 | Data transmission system and method |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7730209B2 (en) * | 2006-01-18 | 2010-06-01 | Microsoft Corporation | Efficient dispatch of messages based on message headers |
-
2014
- 2014-01-09 CN CN201410010601.0A patent/CN103680111B/en not_active Expired - Fee Related
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1954538A (en) * | 2004-05-12 | 2007-04-25 | 艾利森电话股份有限公司 | Key management messages for secure broadcast |
CN101150849A (en) * | 2006-09-18 | 2008-03-26 | 华为技术有限公司 | Method for binding management secret key, system, mobile node and communication node |
CN101702807A (en) * | 2009-11-16 | 2010-05-05 | 东南大学 | Wireless security access authentication method |
CN102412967A (en) * | 2011-09-29 | 2012-04-11 | 用友软件股份有限公司 | Data transmission system and method |
Non-Patent Citations (2)
Title |
---|
关于多方安全协议的研究;张鹏;《中国优秀博硕士学位论文全文数据库(博士)信息科技辑》;20070215(第02期);I139-52 * |
网络编码中的保密通信;曹张华;《中国博士学位论文全文数据库信息科技辑》;20101115(第11期);I136-34 * |
Also Published As
Publication number | Publication date |
---|---|
CN103680111A (en) | 2014-03-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11232478B2 (en) | Methods and system for collecting statistics against distributed private data | |
Zhang et al. | Blockchain-based decentralized and secure keyless signature scheme for smart grid | |
Li et al. | Toward blockchain-based fair and anonymous ad dissemination in vehicular networks | |
CN104811450B (en) | The date storage method and integrity verification method of a kind of identity-based in cloud computing | |
Kumari et al. | Design of a provably secure biometrics-based multi-cloud-server authentication scheme | |
CN106254374B (en) | A kind of cloud data public audit method having duplicate removal function | |
CN108768992B (en) | Block chain based information anonymous transmission method and device and readable storage medium | |
CN110224993A (en) | Anonymous Electronic Voting method and system of calling to account based on block chain | |
CN108959911A (en) | A kind of key chain generates, verification method and its device | |
CN106878318A (en) | A kind of block chain real time polling cloud system | |
US10887104B1 (en) | Methods and systems for cryptographically secured decentralized testing | |
Gambs et al. | PROPS: A privacy-preserving location proof system | |
CN104993937A (en) | Method for testing integrity of cloud storage data | |
CN112600675B (en) | Electronic voting method and device based on group signature, electronic equipment and storage medium | |
Xu et al. | Multi-candidate voting model based on blockchain | |
CN115396115B (en) | Block chain data privacy protection method, device, equipment and readable storage medium | |
Li et al. | User-defined privacy-preserving traffic monitoring against n-by-1 jamming attack | |
CN104754570A (en) | Key distribution and reconstruction method and device based on mobile internet | |
CN108718323A (en) | A kind of identity identifying method and system | |
Thapa et al. | SPA: A secure and private auction framework for decentralized online social networks | |
CN110011998A (en) | A kind of prepare more part teledata of identity-based holds verification method | |
Zhu et al. | Anonymous voting scheme for boardroom with blockchain | |
Faour | Transparent voting platform based on permissioned blockchain | |
CN103680111B (en) | Method and system capable of verifying intelligent sensing terminal data aggregation | |
Killer et al. | Æternum: A decentralized voting system with unconditional privacy |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20170125 |
|
CF01 | Termination of patent right due to non-payment of annual fee |